Enable job alerts via email!
SOC Engineer - SC Cleared - Inside IR35
JR United Kingdom
Slough
On-site
GBP 50,000 - 70,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A leading company in the public sector seeks a skilled SOC Engineer to enhance their security operations capabilities. The successful candidate will engage in deploying advanced Microsoft security tools, optimizing alert systems, and supporting threat response strategies within a dynamic team environment.
Qualifications
- Experience with Microsoft Sentinel, Defender, and Azure technologies.
- Hands-on experience in SOC operations and security tooling.
- Ability to implement SOAR playbooks and develop detection logic.
Responsibilities
- Engineer and maintain security tooling including Microsoft Sentinel and Defender solutions.
- Develop detection logic using KQL and implement SOAR playbooks.
- Collaborate with teams to ensure telemetry quality and optimize alert fidelity.
Skills
Job description
Social network you want to login/join with:
Client:
SR2 | Socially Responsible Recruitment | Certified B Corporation
Slough, United Kingdom
Other
Yes
4
10.06.2025
25.07.2025
A skilled SOC Engineer is required to support the design, configuration, and optimisation of a mature security operations capability within a critical public sector environment. The successful candidate will be responsible for the deployment, tuning, and continual improvement of advanced detection and response tooling, with a focus on the Microsoft Security Stack and Azure-native technologies.
This is a hands-on engineering role with cross-functional engagement across detection teams, infrastructure, and threat response.
Key Responsibilities- Engineer and maintain security tooling, including:
- Microsoft Sentinel – connector management, rule tuning, data enrichment
- Microsoft Defender solutions (Endpoint, Identity, Cloud Apps)
- Develop and refine detection logic using KQL, and implement SOAR playbooks via Logic Apps.
- Integrate data sources from hybrid environments (cloud/on-premise) into the SIEM.
- Optimise alert fidelity and reduce false positives through rule refinement and log tuning.
- Support the SOC function by identifying and addressing detection gaps.
- Collaborate with infrastructure and operations teams to ensure telemetry quality and visibility.
- Contribute to engineering playbooks, architectural documentation, and automation pipelines.
- Support threat hunting, red/blue team simulation readiness, and post-incident forensic analysis.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
job faster
